diff --git a/dnscrypt-proxy/serversInfo.go b/dnscrypt-proxy/serversInfo.go
index cc44fb87..44cc54d7 100644
--- a/dnscrypt-proxy/serversInfo.go
+++ b/dnscrypt-proxy/serversInfo.go
@@ -270,9 +270,6 @@ func (serversInfo *ServersInfo) fetchDoHServerInfo(proxy *Proxy, name string, st
 	if _, _, err := proxy.xTransport.DoHQuery(useGet, url, body, proxy.timeout); err != nil {
 		useGet = true
 		if _, _, err := proxy.xTransport.DoHQuery(useGet, url, body, proxy.timeout); err != nil {
-			if proxy.xTransport.tlsCipherSuite != nil && strings.Contains(err.Error(), "handshake failure") {
-				dlog.Warnf("TLS handshake failure - Try changing or deleting the tls_cipher_suite value in the configuration file")
-			}
 			return ServerInfo{}, err
 		}
 		dlog.Debugf("Server [%s] doesn't appear to support POST; falling back to GET requests", name)
diff --git a/dnscrypt-proxy/xtransport.go b/dnscrypt-proxy/xtransport.go
index b0c434c1..409a43ef 100644
--- a/dnscrypt-proxy/xtransport.go
+++ b/dnscrypt-proxy/xtransport.go
@@ -235,6 +235,11 @@ func (xTransport *XTransport) Fetch(method string, url *url.URL, accept string,
 	}
 	if err != nil {
 		dlog.Debugf("[%s]: [%s]", req.URL, err)
+		if xTransport.tlsCipherSuite != nil && strings.Contains(err.Error(), "handshake failure") {
+			dlog.Warnf("TLS handshake failure - Try changing or deleting the tls_cipher_suite value in the configuration file")
+			xTransport.tlsCipherSuite = nil
+			xTransport.rebuildTransport()
+		}
 	}
 	return resp, rtt, err
 }